Tackling another Lets Defend Challenge, that being the MEDIUM DIFFICULTY “Royal Ransom” challenge. We are given a sample file and a Windows VM system to analyze the malware and answer 7 questions.
“A small business that sells handmade crafts online has been experiencing a surge in demand for their products, leading to an increase in online sales. However, the business owner has not paid much attention to their online security, as they believed that their small size made them an unlikely target for cybercriminals.
One day, an employee at the business receives an email from what appears to be a legitimate customer, but the email contains a malicious attachment that, when opened, installs ransomware on the employee’s computer. The ransomware quickly spreads throughout the company’s network, encrypting all of their important files and rendering them inaccessible.
The ransomware attackers demand a large sum of money in exchange for the decryption key needed to unlock the company’s files. The business owner realizes that they do not have proper backups of their data and cannot afford to pay the ransom. As a result, the business is forced to shut down, causing financial loss and damage to their reputation. So help us to reverse the ransomware and try to answer the next questions.”
SAMPLE:
NOTES:
[ad_2]
source
